Modify the new rsa_verify routine. We now also check the integrity of
the private data (verifying that p > q and that iqmp really is the
inverse of q mod p). In addition, we _no longer_ check that e*d == 1
mod (p-1)(q-1): instead we do separate checks mod (p-1) and mod (q-1),
since the order of the multiplicative group mod n is actually equal to
lcm(p-1,q-1) rather than phi(n)=(p-1)(q-1). (In other words, the
Fermat-Euler theorem doesn't point both ways.)
git-svn-id: svn://svn.tartarus.org/sgt/putty@1024
cda61777-01e9-0310-a592-
d414129be87e